Profiling attacks: when to use classical template attacks, machine learning, and deep learning

Hi!

I’m wondering if anyone could provide some rules of thumb for when to use classical template attacks instead of machine learning/deep learning for SCA, and also when to use machine learning techniques instead of deep learning.

I know that opinions and definitions differ as of how to separate machine learning from deep learning, but one definition I’ve seen is that deep learning is when you have more than one hidden layer. Anyways, so for machine learning, I’m aware of the Gaussian Naive Bayes method, random forest, support vector machines (SVM). And for deep learning convolutional neural network (CNN), multilayer perceptron (MLP), autoencoders, and recurrent neural networks. I don’t have much knowledge about these techniques yet, I’m just aware of that they’re used for SCA. I’m basically just wondering in what typical cases would you use classical template attacks instead of e.g. CNN, and when to use SVM instead of MLP, etc. Just some general rules of thumb or considerations, cause it’s quite time consuming if I were to test all the possible techniques for a problem if it would be obvious to use one instead of another.

Thanks!

Difficult to say. I am not aware of any reliable rule of thumb between TA vs ML/DL. My personal inclination within DL is to say that profiled attack on 2 classes -> MLP, profiled attack on more classes -> more complex models (like some CNN). Possibly also longer traces -> more complex models, shorter traces -> simpler models. But others may have different experience. I think it’s difficult to make any strong statements about this topic, so better to apply as many techniques as you can.